Many modern devices require provisioning with confidential data. Such devices include devices that process valuable information, e.g., financial and content application; for example: set-top boxes, mobile phones, smart cards, tablets etc. There are more needs for secure provisioning however, for example, a device for which a secure boot process is desired to keep the firmware private needs a secret key. Confidential data also includes feature configuration data which determines which features of a devices or application are turned on.
One particular device in which both applications of provisioning are needed is car radio. Car radio applications have proprietary firmware which needs protection, e.g., through encryption thereof and a secure boot. Car radio applications also need secret keys for DRM applications.
The provisioning of secret keys, in particular symmetric keys can be a very expensive process. One reason for this is that the keys need to be transported from the device where the key is generated to the device where the key is inserted. There are hardware solutions for secure key transport and loading but these can require a great deal of operation overhead and are typically cost-prohibitive.
One possibility is for a customer of an integrated circuits manufacturer to send the keys via a secure channel to a closed and secure environment in the factory. This secure environment is costly to setup and to maintain. The second problem is that this key needs to be programmed in the IC and traditionally, this key is sent in the clear by tester equipment to the IC via e.g. a JTAG interface. The tester needs to generate the correct programming sequences to program the keys in the one-time programmable memory, such as eFuses. This programming sequence is time consuming as the eFuse needs to be programmed bit by bit.